package com.buwstudio.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.filter.ForwardedHeaderFilter;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

import com.buwstudio.application.CustomUserDetailsService;

/**
 * 
 * Description:
 * 基于自定义的登录页面进行登录授权
 * @author 卜 伟<br>
 * Last Modified: <br>
 * 2017年6月1日 上午10:26:24
 */
@Configuration
public class FormLoginSecurityConfiguration extends WebMvcConfigurerAdapter {

	 @Bean
	    FilterRegistrationBean forwardedHeaderFilter() {
	        FilterRegistrationBean filterRegBean = new FilterRegistrationBean();
	        filterRegBean.setFilter(new ForwardedHeaderFilter());
	        filterRegBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
	        return filterRegBean;
	    }

	    @Override
	    public void addViewControllers(ViewControllerRegistry registry) {
	        registry.addViewController("/login").setViewName("login");
	        registry.addViewController("/oauth/confirm_access").setViewName("authorize");
	    }
	    
	    @EnableGlobalMethodSecurity(prePostEnabled = true)
	    @Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
	    protected static class LoginConfiguration extends WebSecurityConfigurerAdapter {

	        @Override
	        @Bean
	        public AuthenticationManager authenticationManagerBean() throws Exception {
	            return super.authenticationManagerBean();
	        }

	        @Override
	        protected void configure(HttpSecurity http) throws Exception {
	            http
	            .formLogin()
	            .loginPage("/login")
	            .permitAll()
	            .and()
	            .authorizeRequests()
	            .antMatchers("/css/**","/js/**","/favicon.ico","/webjars/**")
	            .permitAll()
	            .anyRequest().authenticated();
	        }

/*	        @Override
	        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	        	 auth.inMemoryAuthentication()
	                .withUser("user").password("password").roles("USER")
	                .and()
	                .withUser("app_client").password("nopass").roles("USER")
	                .and()
	                .withUser("admin").password("password").roles("ADMIN");
//	            auth.parentAuthenticationManager(authenticationManager);
	        	 
	        }*/
	        
	        /**
	         * 从db中获取用户信息
	         */
	    	@Autowired
	    	private CustomUserDetailsService userDetailsService;
	    	
	    	@Autowired
	    	public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
	    		authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(passwordEncoder());
	    	}

	    	@Bean
	    	public PasswordEncoder passwordEncoder() {
	    		return new BCryptPasswordEncoder();
	    	}
	    	
	        
	    }
}
